Home Explore Project
Register Sign In
linux
/
acme.sh
3
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

Native PointHQ support

Mike Barnes 6 years ago
parent
4420d073bb
commit
72ce37704b
2 changed files with 180 additions and 3 deletions
Split View Show Diff Stats
  1. 16 3
      dnsapi/README.md
  2. 164 0
      dnsapi/dns_pointhq.sh

+ 16 - 3
dnsapi/README.md
View File 

@@ -1,12 +1,12 @@
 
 # How to use DNS API
 
 
-If your dns provider doesn't provide api access, you can use our dns alias mode: 
+If your dns provider doesn't provide api access, you can use our dns alias mode:
 
 
 https://github.com/Neilpang/acme.sh/wiki/DNS-alias-mode
 
 
 ## 1. Use CloudFlare domain API to automatically issue cert
 
 
-First you need to login to your CloudFlare account to get your [API key](https://dash.cloudflare.com/profile). 
+First you need to login to your CloudFlare account to get your [API key](https://dash.cloudflare.com/profile).
 
 
 ```
 
 export CF_Key="sdfsdfsdfljlbjkljlkjsdfoiwje"
 
@@ -891,7 +891,7 @@ acme.sh --issue --dns dns_loopia -d example.com -d *.example.com
 
 The username and password will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
 
 ## 45. Use ACME DNS API
 
 
-ACME DNS is a limited DNS server with RESTful HTTP API to handle ACME DNS challenges easily and securely. 
+ACME DNS is a limited DNS server with RESTful HTTP API to handle ACME DNS challenges easily and securely.
 
 https://github.com/joohoi/acme-dns
 
 
 ```
 
@@ -1056,6 +1056,7 @@ Now you can issue a certificate.
 
 acme.sh --issue --dns dns_namecheap -d example.com -d *.example.com
 
 ```
 
 
+<<<<<<< HEAD
 
 ## 54. Use MyDNS.JP API
 
 
 First, register to MyDNS.JP and get MasterID and Password.
 
@@ -1127,6 +1128,18 @@ acme.sh --issue --dns dns_exoscale -d example.com -d www.example.com
 
 
 The `EXOSCALE_API_KEY` and `EXOSCALE_SECRET_KEY` will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
 
 
+## 58. Using PointHQ API to issue certs
 
+
 
+Log into [PointHQ account management](https://app.pointhq.com/profile) and copy the API key from the page there.
 
+
 
+```export PointHQ_Key="apikeystringgoeshere"
 
+exportPointHQ_Email="accountemail@yourdomain.com"
 
+```
 
+
 
+You can then issue certs by using:
 
+```acme.sh --issue --dns dns_pointhq -d example.com -d www.example.com
 
+```
 
+
 
 # Use custom API
 
 
 If your API is not supported yet, you can write your own DNS API.

+ 164 - 0
dnsapi/dns_pointhq.sh
View File 

@@ -0,0 +1,164 @@
 
+#!/usr/bin/env sh
 
+
 
+#
 
+#PointHQ_Key="sdfsdfsdfljlbjkljlkjsdfoiwje"
 
+#
 
+#PointHQ_Email="xxxx@sss.com"
 
+
 
+PointHQ_Api="https://api.pointhq.com"
 
+
 
+########  Public functions #####################
 
+
 
+#Usage: add  _acme-challenge.www.domain.com   "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs"
 
+dns_pointhq_add() {
 
+  fulldomain=$1
 
+  txtvalue=$2
 
+
 
+  PointHQ_Key="${PointHQ_Key:-$(_readaccountconf_mutable PointHQ_Key)}"
 
+  PointHQ_Email="${PointHQ_Email:-$(_readaccountconf_mutable PointHQ_Email)}"
 
+  if [ -z "$PointHQ_Key" ] || [ -z "$PointHQ_Email" ]; then
 
+    PointHQ_Key=""
 
+    PointHQ_Email=""
 
+    _err "You didn't specify a PointHQ API key and email yet."
 
+    _err "Please create the key and try again."
 
+    return 1
 
+  fi
 
+
 
+  if ! _contains "$PointHQ_Email" "@"; then
 
+    _err "It seems that the PointHQ_Email=$PointHQ_Email is not a valid email address."
 
+    _err "Please check and retry."
 
+    return 1
 
+  fi
 
+
 
+  #save the api key and email to the account conf file.
 
+  _saveaccountconf_mutable PointHQ_Key "$PointHQ_Key"
 
+  _saveaccountconf_mutable PointHQ_Email "$PointHQ_Email"
 
+
 
+  _debug "First detect the root zone"
 
+  if ! _get_root "$fulldomain"; then
 
+    _err "invalid domain"
 
+    return 1
 
+  fi
 
+  _debug _sub_domain "$_sub_domain"
 
+  _debug _domain "$_domain"
 
+
 
+  _info "Adding record"
 
+  if _pointhq_rest POST "zones/$_domain/records" "{\"zone_record\": {\"name\":\"$_sub_domain\",\"record_type\":\"TXT\",\"data\":\"$txtvalue\",\"ttl\":3600}}"; then
 
+    if printf -- "%s" "$response" | grep "$fulldomain" >/dev/null; then
 
+      _info "Added, OK"
 
+      return 0
 
+    else
 
+      _err "Add txt record error."
 
+      return 1
 
+    fi
 
+  fi
 
+  _err "Add txt record error."
 
+  return 1
 
+}
 
+
 
+#fulldomain txtvalue
 
+dns_pointhq_rm() {
 
+  fulldomain=$1
 
+  txtvalue=$2
 
+
 
+  PointHQ_Key="${PointHQ_Key:-$(_readaccountconf_mutable PointHQ_Key)}"
 
+  PointHQ_Email="${PointHQ_Email:-$(_readaccountconf_mutable PointHQ_Email)}"
 
+  if [ -z "$PointHQ_Key" ] || [ -z "$PointHQ_Email" ]; then
 
+    PointHQ_Key=""
 
+    PointHQ_Email=""
 
+    _err "You didn't specify a PointHQ API key and email yet."
 
+    _err "Please create the key and try again."
 
+    return 1
 
+  fi
 
+
 
+  _debug "First detect the root zone"
 
+  if ! _get_root "$fulldomain"; then
 
+    _err "invalid domain"
 
+    return 1
 
+  fi
 
+  _debug _sub_domain "$_sub_domain"
 
+  _debug _domain "$_domain"
 
+
 
+  _debug "Getting txt records"
 
+  _pointhq_rest GET "zones/${_domain}/records?record_type=TXT&name=$_sub_domain"
 
+
 
+  if ! printf "%s" "$response" | grep "^\[" >/dev/null; then
 
+    _err "Error"
 
+    return 1
 
+  fi
 
+
 
+  if [ "$response" = "[]" ]; then
 
+    _info "No records to remove."
 
+  else
 
+    record_id=$(printf "%s\n" "$response" | _egrep_o "\"id\":[^,]*" | cut -d : -f 2 | tr -d \" | head -n 1)
 
+    _debug "record_id" "$record_id"
 
+    if [ -z "$record_id" ]; then
 
+      _err "Can not get record id to remove."
 
+      return 1
 
+    fi
 
+    if ! _pointhq_rest DELETE "zones/$_domain/records/$record_id"; then
 
+      _err "Delete record error."
 
+      return 1
 
+    fi
 
+    _contains "$response" '"status":"OK"'
 
+  fi
 
+}
 
+
 
+####################  Private functions below ##################################
 
+#_acme-challenge.www.domain.com
 
+#returns
 
+# _sub_domain=_acme-challenge.www
 
+# _domain=domain.com
 
+_get_root() {
 
+  domain=$1
 
+  i=2
 
+  p=1
 
+  while true; do
 
+    h=$(printf "%s" "$domain" | cut -d . -f $i-100)
 
+    _debug h "$h"
 
+    if [ -z "$h" ]; then
 
+      #not valid
 
+      return 1
 
+    fi
 
+
 
+    if ! _pointhq_rest GET "zones"; then
 
+      return 1
 
+    fi
 
+
 
+    if _contains "$response" "\"name\":\"$h\"" >/dev/null; then
 
+      _sub_domain=$(printf "%s" "$domain" | cut -d . -f 1-$p)
 
+      _domain=$h
 
+      return 0
 
+    fi
 
+    p=$i
 
+    i=$(_math "$i" + 1)
 
+  done
 
+  return 1
 
+}
 
+
 
+_pointhq_rest() {
 
+  m=$1
 
+  ep="$2"
 
+  data="$3"
 
+  _debug "$ep"
 
+
 
+  _pointhq_auth=$(printf "%s:%s" "$PointHQ_Email" "$PointHQ_Key" | _base64)
 
+
 
+  export _H1="Authorization: Basic $_pointhq_auth"
 
+  export _H2="Content-Type: application/json"
 
+  export _H3="Accept: application/json"
 
+
 
+  if [ "$m" != "GET" ]; then
 
+    _debug data "$data"
 
+    response="$(_post "$data" "$PointHQ_Api/$ep" "" "$m")"
 
+  else
 
+    response="$(_get "$PointHQ_Api/$ep")"
 
+  fi
 
+
 
+  if [ "$?" != "0" ]; then
 
+    _err "error $ep"
 
+    return 1
 
+  fi
 
+  _debug2 response "$response"
 
+  return 0
 
+}